Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

1bbf1cfe87...9a.exe

windows7-x64

10

1bbf1cfe87...9a.exe

windows10-1703-x64

10

1bbf1cfe87...9a.exe

windows10-2004-x64

10

1bbf1cfe87...9a.exe

windows11-21h2-x64

10

Analysis

  • max time kernel
    91s
  • max time network
    99s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240802-en
  • resource tags

    arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    23/08/2024, 09:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1bbf1cfe87ee82ea801897e19cecfff045fc66599346620c15d14fee368f7e9a.exe

  • Size

    2.1MB

  • MD5

    03aad8d88f3b963118e539eb4d895b03

  • SHA1

    32161cc99e50856f0100fdcefc3ae223321feaca

  • SHA256

    1bbf1cfe87ee82ea801897e19cecfff045fc66599346620c15d14fee368f7e9a

  • SHA512

    88a6e37dc2d64553d3a9fdbb9f5053590f95d24ae17c43d2c7f246fc5949f71d93f295810eb2ba6e5d6e80c596068a2183334d3a6aecd747679bf5cc5de1c0f7

  • SSDEEP

    49152:gN+ULR1moocAcV+5iv6t04xBi0+0hopKmfP4KFF6RThKAxVDG2A8946oNZ:MkXDwwB/VDKN

Score
10/10
stealer

Malware Config

Signatures

  • DeerStealer 5 IoCs

    Detects DeerStealer malware - JaffaCakes118.

    stealer

Processes

  • C:\Users\Admin\AppData\Local\Temp\1bbf1cfe87ee82ea801897e19cecfff045fc66599346620c15d14fee368f7e9a.exe
    "C:\Users\Admin\AppData\Local\Temp\1bbf1cfe87ee82ea801897e19cecfff045fc66599346620c15d14fee368f7e9a.exe"
    1⤵
      PID:3112

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3112-0-0x00007FF762FF0000-0x00007FF76326F000-memory.dmp

      Filesize

      2.5MB

      Download

    • memory/3112-6-0x00007FF762FF0000-0x00007FF76326F000-memory.dmp

      Filesize

      2.5MB

      Download

    • memory/3112-7-0x00007FF762FF0000-0x00007FF76326F000-memory.dmp

      Filesize

      2.5MB

      Download

    • memory/3112-11-0x00007FFBB5CE4000-0x00007FFBB5CE5000-memory.dmp

      Filesize

      4KB

      Download

    • memory/3112-13-0x00007FF762FF0000-0x00007FF76326F000-memory.dmp

      Filesize

      2.5MB

      Download

    • memory/3112-15-0x00007FF762FF0000-0x00007FF76326F000-memory.dmp

      Filesize

      2.5MB

      Download

    • memory/3112-19-0x00007FF762FF0000-0x00007FF76326F000-memory.dmp

      Filesize

      2.5MB

      Download

    • memory/3112-24-0x00007FF762FF0000-0x00007FF76326F000-memory.dmp

      Filesize

      2.5MB

      Download